diff options
| author | David Shaw <[email protected]> | 2002-07-17 19:48:19 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2002-07-17 19:48:19 +0000 |
| commit | 75ad30031f6167765973a8fb4dfb49c8b2a55ee7 (patch) | |
| tree | 7ee3f60cd167c3403df1a09b9b2be62043832272 /g10/export.c | |
| parent | * gpgkeys_ldap.c (send_key, get_key, main): Consult the server version (diff) | |
| download | gnupg-75ad30031f6167765973a8fb4dfb49c8b2a55ee7.tar.gz gnupg-75ad30031f6167765973a8fb4dfb49c8b2a55ee7.zip | |
* keyedit.c (show_key_with_all_names_colon): The 0x40 class bit in a
designated revoker means "sensitive", not "local". It's exportable under
the right circumstances.
* main.h, options.h, export.c (do_export_stream), g10.c (main), hkp.c
(hkp_export), keyserver.c (keyserver_spawn: Add a flag to skip attribute
packets and their signatures while exporting. This is to accomodate
keyservers (pksd again) that choke on attributes. Use keyserver-option
"include-attributes" to control it. This defaults to ON (i.e. don't
skip).
Diffstat (limited to 'g10/export.c')
| -rw-r--r-- | g10/export.c | 41 |
1 files changed, 28 insertions, 13 deletions
diff --git a/g10/export.c b/g10/export.c index 47d06e651..83e6b970e 100644 --- a/g10/export.c +++ b/g10/export.c @@ -34,20 +34,21 @@ #include "main.h" #include "i18n.h" -static int do_export( STRLIST users, int secret, int onlyrfc ); +static int do_export( STRLIST users, int secret, int flags ); static int do_export_stream( IOBUF out, STRLIST users, - int secret, int onlyrfc, int *any ); + int secret, int flags, int *any ); /**************** * Export the public keys (to standard out or --output). * Depending on opt.armor the output is armored. - * If onlyrfc is True only RFC24404 compatible keys are exported. - * If USERS is NULL, the complete ring will be exported. - */ + * flags has two bits: EXPORT_FLAG_ONLYRFC, so that only RFC2440 + * compatible keys are exported, and EXPORT_FLAG_SKIPATTRIBS to not + * export attribute packets (photo IDs). + * If USERS is NULL, the complete ring will be exported. */ int -export_pubkeys( STRLIST users, int onlyrfc ) +export_pubkeys( STRLIST users, int flags ) { - return do_export( users, 0, onlyrfc ); + return do_export( users, 0, flags ); } /**************** @@ -55,11 +56,11 @@ export_pubkeys( STRLIST users, int onlyrfc ) * been exported */ int -export_pubkeys_stream( IOBUF out, STRLIST users, int onlyrfc ) +export_pubkeys_stream( IOBUF out, STRLIST users, int flags ) { int any, rc; - rc = do_export_stream( out, users, 0, onlyrfc, &any ); + rc = do_export_stream( out, users, 0, flags, &any ); if( !rc && !any ) rc = -1; return rc; @@ -78,7 +79,7 @@ export_secsubkeys( STRLIST users ) } static int -do_export( STRLIST users, int secret, int onlyrfc ) +do_export( STRLIST users, int secret, int flags ) { IOBUF out = NULL; int any, rc; @@ -98,7 +99,7 @@ do_export( STRLIST users, int secret, int onlyrfc ) } if( opt.compress_keys && opt.compress ) iobuf_push_filter( out, compress_filter, &zfx ); - rc = do_export_stream( out, users, secret, onlyrfc, &any ); + rc = do_export_stream( out, users, secret, flags, &any ); if( rc || !any ) iobuf_cancel(out); @@ -109,7 +110,7 @@ do_export( STRLIST users, int secret, int onlyrfc ) static int -do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any ) +do_export_stream( IOBUF out, STRLIST users, int secret, int flags, int *any ) { int rc = 0; PACKET pkt; @@ -166,7 +167,8 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any ) } /* do not export keys which are incompatible with rfc2440 */ - if( onlyrfc && (node = find_kbnode( keyblock, PKT_PUBLIC_KEY )) ) { + if( (flags&EXPORT_FLAG_ONLYRFC) && + (node = find_kbnode( keyblock, PKT_PUBLIC_KEY )) ) { PKT_public_key *pk = node->pkt->pkt.public_key; if( pk->version == 3 && pk->pubkey_algo > 3 ) { log_info(_("key %08lX: not a rfc2440 key - skipped\n"), @@ -231,6 +233,19 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any ) SIGSUBPKT_PRIV_VERIFY_CACHE); } + /* Don't export attribs? */ + if( (flags&EXPORT_FLAG_SKIPATTRIBS) && + node->pkt->pkttype == PKT_USER_ID && + node->pkt->pkt.user_id->attrib_data ) { + /* Skip until we get to something that is not an attrib + or a signature on an attrib */ + while(kbctx->next && kbctx->next->pkt->pkttype==PKT_SIGNATURE) { + kbctx=kbctx->next; + } + + continue; + } + if( secret == 2 && node->pkt->pkttype == PKT_SECRET_KEY ) { /* we don't want to export the secret parts of the * primary key, this is done by using GNU protection mode 1001 |